PT-2019-17719 · Netapp · Ontap Select Deploy Administration Utility

Published

2019-09-24

Updated

2021-07-21

CVE-2019-5504

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions ONTAP Select Deploy administration utility versions 2.12 through 2.12.1

Description The issue allows unauthenticated remote attackers to perform administrative actions due to an HTTP service bound to the network.

Recommendations For versions 2.12 through 2.12.1, consider restricting access to the HTTP service to prevent unauthenticated remote attacks until a patch is available.

Fix

Missing Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-306

Related Identifiers

CVE-2019-5504

Affected Products

Ontap Select Deploy Administration Utility

PT-2019-17719 · Netapp · Ontap Select Deploy Administration Utility

CVE-2019-5504

Weakness Enumeration

Related Identifiers

Affected Products

References · 3